Man page - arjun(1)

Packages contains this manual

Package:  arjun
apt-get install arjun

Manuals in package:
• arjun(1)
Documentations in package:
• arjun

Manual

arjun

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
EXAMPLES
AUTHOR

---

NAME

arjun - HTTP parameter discovery suite

SYNOPSIS

arjun [ -h ] [ -u URL ] [ -o JSON_FILE ] [ -oT TEXT_FILE ] [ -oB [ BURP_PORT ]] [ -d DELAY ] [ -t THREADS ] [ -w WORDLIST ] [ -m METHOD ] [ -i [ IMPORT_FILE ]]
[ -T TIMEOUT ] [ -c CHUNKS ] [ -q ] [ --headers [ HEADERS ]] [ --passive [ PASSIVE ]] [ --stable ] [ --include INCLUDE ] [ --disable-redirects ]

DESCRIPTION

Arjun can find query parameters for URL endpoints. If you don’t get what that means, it’s okay, read along. Web applications use parameters (or queries) to accept user input, take the following example into consideration:

http://api.example.com/v1/userinfo?id=751634589

This URL seems to load user information for a specific user id, but what if there exists a parameter named admin which when set to True makes the endpoint provide more information about the user? This is what Arjun does, it finds valid HTTP parameters with a huge default dictionary of 25,890 parameter names. The best part? It takes less than 10 seconds to go through this huge list while making just 50-60 requests to the target. Here’s how.

	-		Supports GET/POST/POST-JSON/POST-XML requests
	-		Automatically handles rate limits and timeouts
	-		Export results to: BurpSuite, text or JSON file
	-		Import targets from: BurpSuite, text file or a raw request file
	-		Can passively extract parameters from JS or 3 external sources

OPTIONS

-h, --help

show this help message and exit.

-u URL

Target URL .

-o JSON_FILE , -oJ JSON_FILE

Path for json output file.

-oT TEXT_FILE

Path for text output file.

-oB [ BURP_PORT ]

Port for output to Burp Suite Proxy. Default port is 8080.

-d DELAY

Delay between requests in seconds. (default: 0).

-t THREADS

Number of concurrent threads. (default: 5).

-w WORDLIST

Wordlist file path. (default: /usr/lib/python3/dist-packages/ arjun /db/large.txt).

-m METHOD

Request method to use: GET/POST/XML/JSON/ HEADERS . (default: GET).

-i [ IMPORT_FILE ]

Import target URLs from file.

-T TIMEOUT

HTTP request timeout in seconds. (default: 15).

-c CHUNKS

Chunk size. The number of parameters to be sent at once.

-q

Quiet mode. No output.

--headers [ HEADERS ]

Add headers. Separate multiple headers with a new line.

--passive [ PASSIVE ]

Collect parameter names from passive sources like wayback, commoncrawl and otx.

--stable

Prefer stability over speed.

--include INCLUDE

Include this data in every request.

--disable-redirects

disable redirects.

EXAMPLES

arjun -h

arjun -u http://site.example.com/test.php

arjun -u http://site.example.com/test.php -o test.json

arjun -u http://site.example.com -t 5

arjun -u http://site.example.com --stable

AUTHOR

Written by Somdev Sangwan <s0md3v@gmail.com>

This manual page was written by Guilherme de Paula Xavier Segundo <guilherme.lnx@gmail.com> for the Debian project (but may be used by others).

---